user-guide-writing
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it incorporates content from project files into its documentation workflow without using boundary delimiters or input sanitization.
- Ingestion points: Step 3 of SKILL.md specifies that the agent should use Read, Glob, and Grep to gather evidence from the filesystem, including UI labels and support tickets.
- Boundary markers: The instructions do not define delimiters or provide 'ignore embedded instructions' warnings for the data being read and interpolated into the prompts.
- Capability inventory: The skill is equipped with Read, Write, Edit, Glob, and Grep capabilities, which allow it to modify files based on the processed information.
- Sanitization: The workflow lacks any requirement for validating or filtering the data retrieved from the environment before use.
- [SAFE]: The skill does not perform any suspicious network operations, access sensitive system directories, or contain obfuscated code.
- [SAFE]: All external references point to established and reputable documentation resources from organizations like Google and Microsoft.
Audit Metadata